The Eleventh Circuit Court of Appeals said no this week to tracking your movements using data from your cell phone without a warrant when it declared that this information is constitutionally protected.

The case, United States v. Davis , is important not only because it provides substantive and procedural protections against abuse of an increasingly common and highly invasive surveillance method. It also provides support for something Christopher Sprigman and I have said before — that the government’s other “metadata” collection programs are unconstitutional.

The Davis decision, in effect, suggests that the U.S. government’s collection of all kinds of business records and transactional data — commonly called “metadata” — for law enforcement and national security purposes may also be unconstitutional.

Jennifer Granick

Jennifer Granick is the Director of Civil Liberties at the Stanford Center for Internet and Society. Jennifer returns to Stanford after working with the internet boutique firm of Zwillgen PLLC. Before that, she was the Civil Liberties Director at the Electronic Frontier Foundation.

Your phone sends signals to the nearest cell towers so that the communications network system knows where to route a call should one come in. Many providers collect and store the location of towers a customer connects to at the beginning and end of the call for billing purposes. FBI agents in Davis obtained these records without a search warrant and used them to place the defendant, Quartavious Davis, near the scene of a number of robberies.

The Davis decision, in effect, suggests that the U.S. government’s collection of other kinds of business records and transactional data, commonly called “metadata”, for law enforcement and national security collection may also be unconstitutional.

The prosecution had argued that cell tracking without a warrant is constitutional per the 1979 case Smith v. Maryland. In that case, the Supreme Court said that phone users have no “reasonable expectation of privacy” in the phone numbers they dial, and therefore they aren’t protected under the Fourth Amendment. Key to the Smith case was the Court’s view that the suspect had knowingly disclosed the phone numbers to the phone company and therefore had no protection with regard to them. Additionally, Smith built on the 1976 case of United States v. Miller, which held that a person does not have Fourth Amendment rights in their bank records because they are the bank’s business records and not the customer’s private data. Together the cases are known as the “third-party doctrine,” which says that you have no Fourth Amendment interest in a third party’s business records because you have voluntarily disclosed information to the business and assumed the risk of that information being further disclosed to the government.

This third-party doctrine is what the NSA has used to justify its current warrantless bulk collection of phone call records — revealed in documents leaked by Edward Snowden — as well as its past collection of internet transactional information, and its suspected acquisition of financial information.

Challenges to the phone records bulk-collection program are currently wending their way through the federal courts. Last December, a District of Columbia judge held that the bulk collection of phone records violates the Fourth Amendment — regardless of Smith — and called the program “almost Orwellian.” Yet shortly thereafter a different district court judge relied on Smith to give the program his stamp of approval. This month, a third federal judge opined that the Supreme Court should overturn Smith v. Maryland — but until it does so, he was obligated to allow the calling records collection program to continue.

Great Privacy News for Everyone

The Eleventh Circuit federal appellate court has rejected the idea, however, that Smith and Miller allow warrantless acquisition of business records that reveal intimate matters. Instead, the court looked to a more recent Supreme Court case — United States v. Jones (2012) — which held that attaching a GPS-tracking device to a vehicle and using the device to monitor the car’s movements was a trespass that violated the Fourth Amendment because it interfered with the defendant’s property interest in the car. In concurring opinions, Justice Sonia Sotomayor and four other justices added that the GPS surveillance “impinge[d] on expectations of privacy” because it allowed authorities to monitor every place a suspect traveled and infer many things about a suspect’s private life based on that information.

The Eleventh Circuit concluded that under the “reasonable expectation of privacy” test, location information is Fourth Amendment protected.

Relying on the Jones concurrences, the Eleventh Circuit concluded that under the “reasonable expectation of privacy” test, cell phone location data is also protected under the Fourth Amendment, since this data can reveal private matters such as “being near the home of a lover, or a dispensary of medication, or a place of worship, or a house of ill repute”. The appellate judges also dismissed the argument used in Smith that people lose their right to data submitted to businesses, rejecting the idea that people know in any meaningful way that in using their cell phone they are sending their location information to a provider.

Davis, by refusing to apply Smith and Miller in a stored records case, has taken a giant step away from the legal justification propping up many of the government’s targeted and bulk metadata collection practices.

The appellate judges in Davis, by refusing to apply Smith and Miller to a case involving stored records, have taken a giant step toward undermining the legal justification propping up many of the government’s targeted and bulk metadata collection practices. The call detail records that the NSA gets under its Section 215 collection program — which provide information about phone numbers called and received and the duration of calls — include far more detailed data than the simple information at issue in Smith and are far more revealing of private conduct, social networks, and thought processes. This is especially true because the records are collected in bulk.

In Jones, Justice Sotomayor opined that it may be time to rethink the third-party doctrine. The Eleventh Circuit has taken a step in that direction, writing an appellate-level opinion that rejects the extension of those 1970s-era cases to modern communication networks and data. This is great privacy news for anyone who uses a cell phone. But it’s also a tremblor suggesting that when appellate courts finally get hold of the NSA’s bulk metadata collection programs, these programs may very well be knocked down.